BEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE


OUR ORGANISATION AND SPECIALIST SKILLS

Focused on delivery, integration and managed services around Identity and Access Management.

- Specialist Consultancy (Principal Consultant, Senior, Consultant and Juniors)
- Project and Programme Management
- Analysis (Business and Technical Analysts)
- Software Development
- Test Services
- Creative (including interface design and internal marketing)

A dedicated Software Development organisation, our portfolio helps our clients to achieve their business goals by providing capabilities across:

- Centralised Audit
- Federated Identity Management
- Identity and User Lifecycle Management
- Identity and Access Governance, including Segregation of Duties Management
- Mobile Access and Device Management
- Strong Authentication, Web Access Management and Single Sign-On

UNDERSTANDING THE IAM EVOLUTION WHY DO WE NEED TO MOVE BEYOND AUTHENTICATION?

UNDERSTANDING THE IAM EVOLUTION THE TRADITIONAL IT MODEL

- Users: Internal, External, Hybrid (i.e. VPN)
- Devices: PCs (desktop/laptop) and email clients
- Risks: Internal staff, External users, Malware
- Entitlements: Static and set up in advance. Internal users access internal apps. External users access external apps.
- Identities: HR-driven enrolment with fixed entitlements. Self or pre-registered external users with simple entitlement model.

UNDERSTANDING THE IAM EVOLUTION TRADITIONAL IDENTITY AND ACCESS MANAGEMENT

- Web Access Management: Centralised proxy or a collection of deployed agents
- SSO: Cookies, HTML form completion, headers, Kerberos
- Controls: Passwords, hardware tokens, SMS OTP
- Compliance: Analysis, review and approval of entitlements held within every internal user data repository. Resolution or dispensation of breaches.
- Data Privacy: Enforcement of secure data channels. Privileged user/system account controls. Lock down of client and server OS.

UNDERSTANDING THE IAM EVOLUTION ADAPTING TO FUNDAMENTAL CHANGES

- Cloud: Applications are no longer only internal
- Devices: End user devices can be mobile. Devices no longer all internally owned.
- User Expectation: Intuitive access at any time, from anywhere, on anything
- Business Expectation: IAM is now a business differentiator. Ability for IAM to adapt rapidly.
- Risk: Context and device now contributory factors

UNDERSTANDING THE IAM EVOLUTION NEW IAM REQUIREMENTS

- IAM that spans Federated, Datacentre and mobile services
- Support for incremental change
- Evolving beyond the password
- Mitigating the need for role mining
- Support for B.Y.O.D.
- Support for Bring Your Own Identity
- Risk-appropriate entitlements
- Unification of user experience

UNDERSTANDING THE IAM EVOLUTION HOW DO WE ADAPT?

Orchestration
- Unification of UX, IAM and business processes
- Pluggable adaptive IAM workflows
- Unification of multi-vendor infrastructures

Strength
- Work from a proven security infrastructure
- Make use of new open source technology
- Align with proven industry standards: SAML, OAuth, WS-*, OpenID Connect

Context
- Understand a service's Business Impact Level (BIL)
- Appreciate the Level of Assurance (LoA) in a user's identity
- Recognise the status of a user's chosen device: Untrusted, Trusted and Compliant

IDENTITY IS CENTRAL TO ENABLING ACCESS EVERYWHERE

IBM IS HELPING CLIENTS TACKLE INSIDER THREAT AND ADOPT SOCIAL, MOBILE AND CLOUD USE CASES TODAY WITH FLEXIBLE, LAYERED SECURITY SOLUTIONS

- IAM & Federation
- Web Application Scanning
- Virtualisation Security
- Network Security
- Image & Patch Management
- Database Monitoring
- IBM Security Intelligence

IBM NEXT GENERATION IDENTITY AND ACCESS MANAGEMENT STRATEGY

- Standardised IAM and Compliance Management
- Secure Cloud, Mobile, Social Interaction
- Insider Threat and IAM Governance

IDENTITY MANAGER 6.0 AND PRIVILEGED IDENTITY MANAGER

IBM SECURITY IDENTITY MANAGER 6.0
- Integrated role and identity management
- Adapters for provisioning to cloud services
- Rich adapters with health check, self-monitoring
- Simplified Web services API for self service UI

IBM SECURITY PRIVILEGED IDENTITY MANAGER
- Control shared access and lifecycle
- Automate check-in/check-out with fine-grained audit
- Integrated with Enterprise SSO

IBM SECURITY ACCESS MANAGER 7.0

IBM SECURITY ACCESS MANAGER FOR WEB
- User access + integrated web content protection
- New Hardware Appliance (Access Manager Proxy)
- Highly scalable web access management
- Lower TCO and easy to deploy 3rd party integration
- Web Access & Application Protection (software, virtual, HW appliance)

IBM SECURITY ACCESS MANAGER FOR CLOUD & MOBILE
- OAuth authorisation service and enforcement points
- Built-in Risk-based Access control
- Wizard-driven integration with Google, SalesForce
- Federated, Risk-based Access

INTRODUCING PIREAN SOFTWARE

Our focus is to build a portfolio of solutions which address the challenges of Identity, Access and Mobile management. Our Software portfolio helps accelerate IBM deployments and enables clients to achieve their business goals with:

- ACCESS: ONE: User Experience, Self-Service, Mobile Authentication, Mobile Device Management, Single Sign-On, Strong Authentication, and Federated Identity.
- RISK MANAGER: Service Desk Integration, Rule Based Compliance and Risk, Dynamic Reporting and Dashboarding, Entitlements Enrichment, Compliance and Audit.

INTRODUCING ACCESS: ONE PIREAN ACCESS: ONE CAPABILITIES

- Provides an IAM workflow framework
- Supports incremental/rapid change
- Context-driven IAM
- WebTop and corporate AppStore
- Multiple parallel UI themes
- Modelling of LoA, BIL and risk score
- Dashboarding of IAM metrics

INTRODUCING ACCESS: ONE SAMPLE USE CASES

The screenshots below illustrate some common use cases of how customers have leveraged Access: One to strengthen security and enrich the user experience during user registration and authentication.

INTRODUCING ACCESS: ONE SAMPLE LOOK AND FEEL

The screenshots below illustrate production instances of Access: One protecting customer systems.

WALKTHROUGH OF REAL LIFE SCENARIOS BEYOND AUTHENTICATION REAL LIFE SCENARIOS

Internal Employees
- Audience: 1K to 100K users
- Compliance Requirements: Strong with regular review
- Entitlements: Complex, changeable, privileged access
- Access Mgmt.: Multi-factor, risk/context driven, dynamic authorisation
- Identity Mgmt.: Centralised, complex and approval-driven process
- UX: Ease of use with low service desk dependency

External Customers
- Audience: 100K to 100M users
- Compliance Requirements: Low
- Entitlements: Simple and static
- Access Mgmt.: Strong and easy to use. Supports BYOI
- Identity Mgmt.: User driven via self service capabilities
- UX: Rich UX with cross device support

Web Services
- Audience: 10s/100s services
- Compliance Requirements: Strong with regular review
- Entitlements: Simple and static
- Access Mgmt.: Password or token (WS-*, SAML, Kerberos)
- Identity Mgmt.: Typically set up locally
- UX: None

ACCESS: ONE AND IBM PROVIDING CENTRALISED ACCESS FOR CLOUD AND CORPORATE RESOURCES

[Architecture diagram. Labels: Federated Applications, reached via IBM Security Federated Identity Manager (login through SAML, WS Federation, etc.); Internal Applications, reached via IBM Security Access Manager (1 and 2-factor login through reverse proxy); Access: One Orchestration; Access: One Themes and Presentation Services; Web Services; External Applications; IBM Security Identity Manager (access requests and provisioning); Access: One Provisioning Plug-In; Internal Directories and Applications.]

WALKTHROUGH OF REAL LIFE SCENARIOS BEYOND AUTHENTICATION INTERNAL EMPLOYEE WEB ACCESS SCENARIO

[Diagram. Labels: Web Access Management; Enterprise Service Bus; Security Directory (LDAP) + Other User Data Sources.]

WALKTHROUGH OF REAL LIFE SCENARIOS BEYOND AUTHENTICATION EXTERNAL CUSTOMERS WEB ACCESS

[Diagram. Labels: Customer via Mobile Application; Customer via Browser; Customer via Phone; Web Access Management; Web Applications; Web Federation Endpoint; Authentication and Registration Presentation; IVR System; Security Token Mediation; Enterprise Service Bus; Policy Enforcement; Secure Token Service; Authentication and Registration Services; Authorisation Service; Security Directory (LDAP) + Other User Data Sources.]

SUMMARY CONCLUSIONS

An(other) evolution in the IT landscape has begun.

We need to:
- Support on-going incremental change
- Embrace the new opportunities in Cloud, Mobile and Data
- Build with the strongest security infrastructure with the most innovative tools

IBM Security Portfolio + Pirean Software = Beyond Authentication

NEXT STEPS WANT TO KNOW MORE?

- Live Access: One demonstrations are available at the IBM stand on the exhibition show floor (H80).
- A webinar on Orchestrated IAM will be held in May. Please indicate your interest in attending on the feedback form.
- IBM and Pirean co-hosted IAM Proof-Of-Technology session in May. Please indicate your interest in attending on the feedback form.